{"id":"6a943a04-2785-451b-9539-d90753be0174","shortId":"D4CfuG","kind":"skill","title":"ci-cd","tagline":"Set up or modify CI/CD pipelines for automated quality gates and deployment. Use when scaffolding a new project's pipeline, adding checks (lint, types, tests, build, audit), configuring deployment, or debugging CI failures. Don't use for local pre-commit hooks (use `setup-pre-com","description":"# CI/CD\n\nAutomate quality gates so no change reaches production without passing tests, lint, type checking, and build. CI is the enforcement mechanism for every other skill — it catches what humans and agents miss, consistently, on every change.\n\n**Shift left**: catch problems as early as possible. A bug caught in lint costs minutes; the same bug in production costs hours. Move checks upstream — static analysis before tests, tests before staging, staging before production.\n\n**Faster is safer**: smaller batches, more frequent releases. A deployment with 3 changes is easier to debug than one with 30.\n\n## When to Use\n\n- Setting up a new project's CI pipeline\n- Adding or modifying automated checks\n- Configuring deployment pipelines\n- When a change should trigger automated verification\n- Debugging CI failures\n\n## The Quality Gate Pipeline\n\nEvery PR passes these gates before merge:\n\n```\nPR opened\n  │\n  ▼\nLINT          eslint, prettier (or language equivalents)\n  │ pass\n  ▼\nTYPECHECK     tsc --noEmit (or equivalent)\n  │ pass\n  ▼\nUNIT TESTS    jest/vitest/pytest\n  │ pass\n  ▼\nBUILD         npm run build (catches build-time errors lint misses)\n  │ pass\n  ▼\nINTEGRATION   API + DB tests (if applicable)\n  │ pass\n  ▼\nE2E (opt)     Playwright/Cypress (slowest, run on main paths only)\n  │ pass\n  ▼\nSECURITY      deps-audit / npm audit\n  │ pass\n  ▼\nBUNDLE SIZE   bundlesize check (frontend projects)\n  │ pass\n  ▼\nMERGE OK\n```\n\nEach gate is independent and parallel where possible. Fail-fast: stop the pipeline on the first failure, but report all results when running parallel jobs.\n\n## Platform mapping\n\n| Use case | Platform | Notes |\n|----------|----------|-------|\n| Open source / personal projects | GitHub Actions | Free for public repos; fast onboarding |\n| Work projects with self-hosted infra | Buildkite | Hybrid hosted/self-hosted agents; better for monorepos |\n| GitLab projects | GitLab CI | Native integration with merge requests |\n| Multi-cloud / vendor-neutral | CircleCI, Drone | Less common in 2026 |\n\nThis skill assumes GitHub Actions for personal projects and Buildkite for work projects. Other platforms have equivalent concepts.\n\n## GitHub Actions starter\n\nFor a typical Node/TS project, a single `.github/workflows/ci.yml`:\n\n```yaml\nname: CI\non:\n  pull_request:\n  push:\n    branches: [main]\n\njobs:\n  ci:\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v4\n      - uses: actions/setup-node@v4\n        with:\n          node-version-file: '.tool-versions'\n          cache: npm\n      - run: npm ci\n      - run: npm run lint\n      - run: npm run typecheck\n      - run: npm test -- --coverage\n      - run: npm run build\n      - run: npm audit --audit-level=high\n```\n\nMatch the gates to what `validate-code` runs locally. Parity between local and CI is the goal — fewer \"works on my machine\" moments.\n\n## Buildkite starter\n\nFor a work project with self-hosted agents:\n\n```yaml\nsteps:\n  - label: \":lint:\"\n    command: npm run lint\n  - label: \":typescript:\"\n    command: npm run typecheck\n  - label: \":test_tube:\"\n    command: npm test -- --coverage\n  - label: \":hammer:\"\n    command: npm run build\n  - wait\n  - label: \":shipit:\"\n    branches: main\n    command: ./scripts/deploy.sh\n```\n\nUse parallel steps for lint/typecheck/tests, then `wait` before deploy.\n\n## Caching\n\nCache aggressively — caching is the cheapest CI optimization:\n\n- `node_modules` — keyed by `package-lock.json` hash\n- Build artifacts between jobs — pass via `actions/upload-artifact` or Buildkite artifacts\n- Test results for affected-tests-only runs (Turbo, Nx, custom)\n\nBad cache > no cache: validate cache keys include all inputs (lock file + Node version + OS).\n\n## Deployment strategies\n\n| Strategy | When |\n|----------|------|\n| Blue/green | Zero-downtime releases, easy rollback (cost: 2x infra during deploy) |\n| Canary | Gradual rollout, observe metrics, abort if regression |\n| Rolling | Default for most apps, slow incremental replacement |\n| Feature flags | Decouple deploy from release; ship dark, enable later |\n\nFor solo / small projects: simple rolling deploy + feature flags is usually enough.\n\n## Rules\n\n- Lint, typecheck, tests, build, security audit — all required to merge\n- Local validation (`validate-code`) must match CI gates — no \"passes locally, fails in CI\"\n- Fail fast on the first error in critical paths; run independent gates in parallel\n- Cache dependencies aggressively; invalidate carefully (lock file + Node version + OS in key)\n- Never auto-merge without all gates passing\n- Never disable a gate to ship faster — fix the underlying issue or quarantine the test\n- Deployments are atomic and reversible — every release has a rollback path\n\n## Debugging CI failures\n\nProcess:\n\n1. Reproduce locally if possible (`validate-code` matches CI gates)\n2. Read the failing step's logs end-to-end — don't skim\n3. Compare against the last passing run for the same gate (CI logs preserve history)\n4. Hypothesize: env difference, race condition, flaky test, dep update\n5. Fix or quarantine — never skip silently\n6. Add a regression test if the failure was a real bug\n\n## Red flags\n\n- Same test fails intermittently — flaky test, quarantine and fix root cause\n- CI passes but production breaks — gates don't reflect production constraints\n- Long CI runs (>15min) — split, parallelize, cache\n- Builds rerun from scratch every time — caching not configured\n- Auto-merge enabled with weak gates — recipe for regressions\n- \"Skip CI\" used routinely — gates too painful or too noisy; fix the gates\n\n## Verification\n\nAfter setting up or modifying a pipeline:\n\n- [ ] All gates from the local `validate-code` skill are present in CI\n- [ ] Average run time < 10 minutes for typical PR\n- [ ] Caching cuts cold-start vs warm-start by >50%\n- [ ] Failed gates produce actionable error messages with file:line refs\n- [ ] Rollback path documented and tested","tags":["agent","skills","helderberto","agent-skills","ai-tools","antigravity","claude-code","cursor","developer-tools","gemini-cli","markdown","plugin"],"capabilities":["skill","source-helderberto","skill-ci-cd","topic-agent-skills","topic-ai-tools","topic-antigravity","topic-claude-code","topic-cursor","topic-developer-tools","topic-gemini-cli","topic-markdown","topic-plugin","topic-sdlc","topic-skills","topic-tracer-bullet"],"categories":["agent-skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/helderberto/agent-skills/ci-cd","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add helderberto/agent-skills","source_repo":"https://github.com/helderberto/agent-skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (5,871 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:09:12.120Z","embedding":null,"createdAt":"2026-05-18T13:14:52.048Z","updatedAt":"2026-05-18T19:09:12.120Z","lastSeenAt":"2026-05-18T19:09:12.120Z","tsv":"'/scripts/deploy.sh':484 '1':689 '10':845 '15min':785 '2':700 '2026':326 '2x':557 '3':134,714 '30':143 '4':729 '5':739 '50':860 '6':746 'abort':566 'action':285,331,346,864 'actions/checkout':375 'actions/setup-node':378 'actions/upload-artifact':515 'ad':24,155 'add':747 'affect':523 'affected-tests-on':522 'agent':82,302,450 'aggress':496,641 'analysi':114 'api':216 'app':573 'applic':220 'artifact':510,518 'assum':329 'atom':676 'audit':30,235,237,411,413,605 'audit-level':412 'auto':653,799 'auto-merg':652,798 'autom':11,52,158,168 'averag':842 'bad':530 'batch':127 'better':303 'blue/green':549 'branch':363,481 'break':775 'bug':97,105,757 'build':29,67,203,206,209,408,477,509,603,789 'build-tim':208 'buildkit':299,336,440,517 'bundl':239 'bundles':241 'cach':388,494,495,497,531,533,535,639,788,795,850 'canari':561 'care':643 'case':277 'catch':78,90,207 'caught':98 'caus':770 'cd':3 'chang':57,87,135,165 'cheapest':500 'check':25,65,111,159,242 'ci':2,35,68,153,171,309,358,366,392,430,501,617,624,686,698,725,771,783,809,841 'ci-cd':1 'ci/cd':8,51 'circleci':321 'cloud':317 'code':423,614,696,836 'cold':853 'cold-start':852 'com':50 'command':455,461,468,474,483 'commit':44 'common':324 'compar':715 'concept':344 'condit':734 'configur':31,160,797 'consist':84 'constraint':781 'cost':101,108,556 'coverag':404,471 'critic':632 'custom':529 'cut':851 'dark':584 'db':217 'debug':34,139,170,685 'decoupl':579 'default':570 'dep':234,737 'depend':640 'deploy':15,32,132,161,493,545,560,580,593,674 'deps-audit':233 'differ':732 'disabl':660 'document':873 'downtim':552 'drone':322 'e2e':222 'earli':93 'easi':554 'easier':137 'enabl':585,801 'end':708,710 'end-to-end':707 'enforc':71 'enough':598 'env':731 'equival':191,197,343 'error':211,630,865 'eslint':187 'everi':74,86,177,679,793 'fail':257,622,625,703,762,861 'fail-fast':256 'failur':36,172,265,687,753 'fast':258,290,626 'faster':123,665 'featur':577,594 'fewer':434 'file':384,541,645,868 'first':264,629 'fix':666,740,768,818 'flag':578,595,759 'flaki':735,764 'free':286 'frequent':129 'frontend':243 'gate':13,54,175,181,249,418,618,636,657,662,699,724,776,804,812,820,830,862 'github':284,330,345 'github/workflows/ci.yml':355 'gitlab':306,308 'goal':433 'gradual':562 'hammer':473 'hash':508 'high':415 'histori':728 'hook':45 'host':297,449 'hosted/self-hosted':301 'hour':109 'human':80 'hybrid':300 'hypothes':730 'includ':537 'increment':575 'independ':251,635 'infra':298,558 'input':539 'integr':215,311 'intermitt':763 'invalid':642 'issu':669 'jest/vitest/pytest':201 'job':273,365,512 'key':505,536,650 'label':453,459,465,472,479 'languag':190 'last':718 'later':586 'latest':372 'left':89 'less':323 'level':414 'line':869 'lint':26,63,100,186,212,396,454,458,600 'lint/typecheck/tests':489 'local':41,425,428,610,621,691,833 'lock':540,644 'log':706,726 'long':782 'machin':438 'main':228,364,482 'map':275 'match':416,616,697 'mechan':72 'merg':183,246,313,609,654,800 'messag':866 'metric':565 'minut':102,846 'miss':83,213 'modifi':7,157,826 'modul':504 'moment':439 'monorepo':305 'move':110 'multi':316 'multi-cloud':315 'must':615 'name':357 'nativ':310 'neutral':320 'never':651,659,743 'new':20,150 'node':382,503,542,646 'node-version-fil':381 'node/ts':351 'noemit':195 'noisi':817 'note':279 'npm':204,236,389,391,394,398,402,406,410,456,462,469,475 'nx':528 'observ':564 'ok':247 'onboard':291 'one':141 'open':185,280 'opt':223 'optim':502 'os':544,648 'package-lock.json':507 'pain':814 'parallel':253,272,486,638,787 'pariti':426 'pass':61,179,192,198,202,214,221,231,238,245,513,620,658,719,772 'path':229,633,684,872 'person':282,333 'pipelin':9,23,154,162,176,261,828 'platform':274,278,341 'playwright/cypress':224 'possibl':95,255,693 'pr':178,184,849 'pre':43,49 'pre-commit':42 'present':839 'preserv':727 'prettier':188 'problem':91 'process':688 'produc':863 'product':59,107,122,774,780 'project':21,151,244,283,293,307,334,339,352,445,590 'public':288 'pull':360 'push':362 'qualiti':12,53,174 'quarantin':671,742,766 'race':733 'reach':58 'read':701 'real':756 'recip':805 'red':758 'ref':870 'reflect':779 'regress':568,749,807 'releas':130,553,582,680 'replac':576 'repo':289 'report':267 'reproduc':690 'request':314,361 'requir':607 'rerun':790 'result':269,520 'revers':678 'roll':569,592 'rollback':555,683,871 'rollout':563 'root':769 'routin':811 'rule':599 'run':205,226,271,368,390,393,395,397,399,401,405,407,409,424,457,463,476,526,634,720,784,843 'runs-on':367 'safer':125 'scaffold':18 'scratch':792 'secur':232,604 'self':296,448 'self-host':295,447 'set':4,147,823 'setup':48 'setup-pre-com':47 'shift':88 'ship':583,664 'shipit':480 'silent':745 'simpl':591 'singl':354 'size':240 'skill':76,328,837 'skill-ci-cd' 'skim':713 'skip':744,808 'slow':574 'slowest':225 'small':589 'smaller':126 'solo':588 'sourc':281 'source-helderberto' 'split':786 'stage':119,120 'start':854,858 'starter':347,441 'static':113 'step':373,452,487,704 'stop':259 'strategi':546,547 'test':28,62,116,117,200,218,403,466,470,519,524,602,673,736,750,761,765,875 'time':210,794,844 'tool':386 'tool-vers':385 'topic-agent-skills' 'topic-ai-tools' 'topic-antigravity' 'topic-claude-code' 'topic-cursor' 'topic-developer-tools' 'topic-gemini-cli' 'topic-markdown' 'topic-plugin' 'topic-sdlc' 'topic-skills' 'topic-tracer-bullet' 'trigger':167 'tsc':194 'tube':467 'turbo':527 'type':27,64 'typecheck':193,400,464,601 'typescript':460 'typic':350,848 'ubuntu':371 'ubuntu-latest':370 'under':668 'unit':199 'updat':738 'upstream':112 'use':16,39,46,146,276,374,377,485,810 'usual':597 'v4':376,379 'valid':422,534,611,613,695,835 'validate-cod':421,612,694,834 'vendor':319 'vendor-neutr':318 'verif':169,821 'version':383,387,543,647 'via':514 'vs':855 'wait':478,491 'warm':857 'warm-start':856 'weak':803 'without':60,655 'work':292,338,435,444 'yaml':356,451 'zero':551 'zero-downtim':550","prices":[{"id":"16d674cc-77f8-47a1-b0af-3931d8770fb2","listingId":"6a943a04-2785-451b-9539-d90753be0174","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"helderberto","category":"agent-skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:14:52.048Z"}],"sources":[{"listingId":"6a943a04-2785-451b-9539-d90753be0174","source":"github","sourceId":"helderberto/agent-skills/ci-cd","sourceUrl":"https://github.com/helderberto/agent-skills/tree/main/skills/ci-cd","isPrimary":false,"firstSeenAt":"2026-05-18T13:14:52.048Z","lastSeenAt":"2026-05-18T19:09:12.120Z"}],"details":{"listingId":"6a943a04-2785-451b-9539-d90753be0174","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"helderberto","slug":"ci-cd","github":{"repo":"helderberto/agent-skills","stars":8,"topics":["agent-skills","ai","ai-tools","antigravity","claude-code","cursor","developer-tools","gemini-cli","markdown","plugin","sdlc","skills","tracer-bullet"],"license":"mit","html_url":"https://github.com/helderberto/agent-skills","pushed_at":"2026-05-14T11:37:47Z","description":"My personal SDLC toolbelt for AI coding agents — PRD to ship.","skill_md_sha":"fbfb627ff4b216e3efd7c752d3dbeefdaffc68d4","skill_md_path":"skills/ci-cd/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/helderberto/agent-skills/tree/main/skills/ci-cd"},"layout":"multi","source":"github","category":"agent-skills","frontmatter":{"name":"ci-cd","description":"Set up or modify CI/CD pipelines for automated quality gates and deployment. Use when scaffolding a new project's pipeline, adding checks (lint, types, tests, build, audit), configuring deployment, or debugging CI failures. Don't use for local pre-commit hooks (use `setup-pre-commit`) or for one-off script runs."},"skills_sh_url":"https://skills.sh/helderberto/agent-skills/ci-cd"},"updatedAt":"2026-05-18T19:09:12.120Z"}}